Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
Rule ID | Title | Severity | Service Type | Resource Type |
---|---|---|---|---|
CSPM-AZURE-2024-0001 | The Use of Guest Users Detected | Medium | Microsoft Graph API | Guest Users |
CSPM-AZURE-2024-0003 | App Service Authentication is Disabled | High | Web | Authentication Settings |
CSPM-AZURE-2024-0004 | Client Certificates are Disabled | High | Web | Apps |
CSPM-AZURE-2024-0006 | HTTP 2.0 Disabled | Medium | Web | App Configuration |
CSPM-AZURE-2024-0007 | HTTP traffic is Permitted | High | Web | Apps |
CSPM-AZURE-2024-0008 | Managed Service Identities Disabled | High | Web | Apps |
CSPM-AZURE-2024-0009 | Web App is using an Outdated Version of the .Net Framework | Medium | Web | App Configuration |
CSPM-AZURE-2024-0011 | Web Application is using an Outdated PHP Version | High | Web | App Configuration |
CSPM-AZURE-2024-0012 | Web Application is using an Outdated Python Version | High | Web | App Configuration |
CSPM-AZURE-2024-0013 | Insecure TLS Version Detected | High | Web | Apps |
CSPM-AZURE-2024-0049 | Standard Tier is Not Enabled in Security Center | High | Security | Pricings |
CSPM-AZURE-2024-0070 | Access keys are Not Rotated on Storage Accounts | Medium | Storage | Storage Accounts |
CSPM-AZURE-2024-0071 | Secure Transfer (HTTPS) is Not Enforced on Storage Accounts | High | Storage | Storage Accounts |
CSPM-AZURE-2024-0074 | Storage Accounts Allows Public Access | High | Storage | Storage Accounts |
CSPM-AZURE-2024-0076 | “Allow trusted Microsoft services” is Disabled on Storage Accounts | Medium | Storage | Storage Accounts |
CSPM-AZURE-2024-0014 | Work in Progress (WIP) – Web App is Not Utilizing the Latest Programming Language Version | App Service | SQL Server Security Alert Policies | |
CSPM-AZURE-2024-0054 | Data Encryption is Disabled for SQL Databases | SQL | SQL DB Transparent Data Encryption | |
CSPM-AZURE-2024-0055 | Threat Detection Alerts is Disabled for SQL Databases | SQL | SQL DB Security Alert Policies | |
CSPM-AZURE-2024-0056 | Short Threat Detection Retention Period is detected for SQL Databases | SQL | SQL DB Security Alert Policies | |
CSPM–AZURE-2024-0057 | Send Threat Detection Alerts is Disabled for SQL Databases | SQL | Storage Accounts Queue Services | |
CSPM-AZURE-2024-0058 | Short Auditing Retention Period found on SQL Servers | SQL | SQL Server Auditing Settings | |
CSPM-AZURE-2024-0060 | Auditing is Disabled on SQL Servers | SQL | SQL Server Auditing Settings | |
CSPM-AZURE-2024-0064 | Short Threat Detection Retention Period is detected on SQL Servers | SQL | Server Security Alert Policies |